Certified Advanced Persistent Threat Analyst


Certified Advanced Persistent Threat Analyst, Singapore e-learning online course

Course Description

Cyber-attacks have become so sophisticated over the years that a new term has emerged: Advanced Persistent Threat, which we will refer to as APT. An APT is a group of individuals that have both the means and the intent to launch persistent attacks against specific targets. Understanding these groups and their behavior is important when evaluating threats against any organization.

Hackers have traditionally targeted large corporations, but today small to midsize businesses are being attacked with the same type of highly sophisticated malware. These new strains of advanced malware are often referred to as APTs.

Modern malware uses Advanced techniques such as encrypted communication channels, kernel-level rootkits, and sophisticated evasion capabilities to get past a network’s defenses. More importantly, they often leverage zero-day vulnerabilities – flaws for which no patch is available yet and no signature has been written.

Modern malware is often Persistent and designed to stick around. It’s stealthy and carefully hides its communications. It lives in a victim’s network for as long as possible, often cleaning up after itself by deleting logs, using strong encryption, and only reporting back to its controller in small, obfuscated bursts of communication.

Many attacks are now blended combinations of different techniques. A common tactic for hackers is to initiate an APT with spear phishing. This involves sending a carefully crafted email that appears to come from a known individual or business, with a link to a malicious website or an infected download.

Once the initial breach is successful, attackers can further damage defenses by disabling security protocols, changing security settings or stealing passwords. Groups of highly skilled, motivated, and very well-funded attackers represent significant Threats because they have very specific targets and goals in mind – often financial gain from theft of credit cards and other valuable account information.

Here are the topics that we will be covering in this course. We will begin by going over the APT Lifecycle and teach you a structured approach to analyze and assess inherent vulnerabilities. We will teach you mitigation and countermeasures that may prevent an attacker from gaining a foothold into an organization.

Next, we will get you familiar with the APT1 group and some common APTs we have seen in the last few years, like Stuxnet, and two new ones, Adwind and Poseidon. Lastly, we will get you familiar with the Cyber World War.


Course Objectives

1. Understanding APTs
2. Equation Group
3. Advanced Dissecting Techniques
4. Fighting APTs


Related Courses

  • 1st step to certification: CompTIA Security+ Certification (SY0-401)


    SGD $40.00

    Course Description

    Network and computer security used to be a high priority; now security has become an absolute necessity. Understanding the fundamentals of network and computer security is a must in today's environment. CompTIA's Security+ certification is recognized around the world as validation that you know about the fundamental network and computer security practices and actions as well as the technologies involved. Earning the Security+ certification will open doors in the Information Technology workplace. In this course, Mark Long goes step-by-step to help you understand the various technologies and techniques to help you prepare for the CompTIA Security+ SY0-401 exam. Mark has been working in Information Technology for over 25 years, has worked in data security in the corporate environment, and brings real-world knowledge to help you get ready for this exam.

    Be fully prepared for your certification exams!

    - Learn of the examination outline before sitting for your certification
    - Know and understand the topics that may be covered in your examinations
    - Learn and understand the chapters for each tailored certification
    - Go through past questions to have a feel of the examinations

    This course is SkillsFuture Credit Eligible.


  • 1st step to certification: CompTIA Linux+ (LX0-101)


    SGD $54.00

    Course Description

    Veteran VTC instructor Bobby Rogers guides you through an in-depth review of the Linux+ LX0-101 exam from a very practical, hands-on perspective. This course provides step-by-step demonstrations of the different commands, utilities, and configuration options you really need to know before taking the exam. Bobby covers all domains and objectives required for the exam, including installation, hardware configuration, package management, and file management.

    Be fully prepared for your certification exams!

    - Learn of the examination outline before sitting for your certification
    - Know and understand the topics that may be covered in your examinations
    - Learn and understand the chapters for each tailored certification
    - Go through past questions to have a feel of the examinations


  • Certification at Your Fingertips - Microsoft 70-642 TS: Windows Server 2008 Network Infrastructure, Configuring


    SGD $589.00

    Course Description

    Practice Lab

    This course comes with a Remote Practice Environment, a virtual remote environment where you are able to practically apply the skills you have learned on the respective servers, systems and networks. With this platform, get one step ahead in your preparation for your certification exams! Whether it’s Cisco, Microsoft or VMware, our Practice Lab unifies access to all of these vendors through a web browser interface. Pre-configured hardware layouts come with accompanying lab guides for fast, convenient access to gain hands-on experience. With step-by-step instructions covering thousands of practical tasks across Cisco, Microsoft, VMware and CompTIA exam titles, the Practice Lab makes studying for an exam or learning new technologies an engaging experience.

    What this course prepares you for:

    This course prepares students for the 70-642: Windows Server 2008 Network Infrastructure, Configuring exam. This course provides students with the knowledge and skills to configure and troubleshoot Windows Server 2008 and Windows Server 2008 R2 SP1 network infrastructures. This course will cover networking technologies most commonly used with Windows Server 2008 and Windows Server 2008 R2 SP1, such as DNS, DHCP, IPv4 and IPv6 network addressing, Network Policy Server, Network Access Protection, and configuring secure network access. It also covers fault-tolerant storage technologies, network storage, routing and remote access, monitoring and compliance updates, as well as other relevant technologies.

    Ace your certification examination with this preparation course!

    - Learn of the examination outline before sitting for your certification
    - Know and understand the topics that may be covered in your examinations
    - Understand both practical and theory aspects of the examination
    - Apply the practical skills through the Remote Practice Environment



Content

Understanding APTs


Advanced Persistent Threat Defender Course Intro

APT Overview Part 1

APT Overview Part 2

APT Overview Part 3

APT Overview Part 4

APT Overview Part 5

Cyber Kill Chain & APT Lifecycle Part 4

Cyber Kill Chain & APT Lifecycle Part 5

Cyber Kill Chain & APT Lifecycle Part 6

Cyber Kill Chain & APT Lifecycle Part 7

Cyber Kill Chain & APT Lifecycle Part 8

APT1 Overview

Stuxnet Overview Part 1

Stuxnet Overview Part 2

Stuxnet Overview Part 3

Cyberwar: New Domain of Warfare

Mr. Robot Threat Capabilities

Cyber Kill Chain & APT Lifecycle Part 1

Cyber Kill Chain & APT Lifecycle Part 2

Cyber Kill Chain & APT Lifecycle Part 3

Equation Group


Equation Group Overview Part 1

Equation Group Overview Part 2

Equation Group Components Part 1

Equation Group Components Part 2

Equation Group Components Part 3

DoubleFantasy

EquationDrug

GrayFish

Fanny Part 1

Fanny Part 2

Infection Mechanism

LAB 2: Equation Group

Advanced Dissecting Techniques


Advanced Dissecting Techniques Overview Part 1

Advanced Dissecting Techniques Overview Part 2

Binary Instrumentation Part 1

Binary Instrumentation Part 2

Binary Instrumentation Part 3

Automated String Decoding Part 1

Automated String Decoding Part 2

Automated String Decoding Part 3

Automated String Decoding Part 4

Immunity Debugger PyCommands Part 1

Immunity Debugger PyCommands Part 2

Immunity Debugger PyCommands Part 3

Immunity Debugger PyCommands Part 4

Windows Kernel Drivers Analysis Part 1

Windows Kernel Drivers Analysis Part 2

Windows Kernel Drivers Analysis Part 3

Windows Kernel Drivers Analysis Part 4

Windows Kernel Drivers Analysis Part 5

Fighting APTs


The Challenge Part 1

The Challenge Part 2

The Challenge Part 3

Callback detection strategy Part 1

Callback detection strategy Part 2

Application Crashing Monitoring

SGD $299.00
(Price excludes GST)